辨别 GoDaddy SSL 证书类型

Question 1

gd_bundle-g2-g1.crt：Go Daddy 证书包 - G2 可跨 G1，包含 Root
gdig2.crt：Go Daddy 安全服务器证书（中级证书）-G2
2b9918dccf2f1d.crt：您的证书

来源：https://certs.godaddy.com/anonymous/repository.pki

Answer

gd_bundle-g2-g1.crt：Go Daddy 证书包 - G2 可跨 G1，包含 Root
gdig2.crt：Go Daddy 安全服务器证书（中级证书）-G2
2b9918dccf2f1d.crt：您的证书

来源：https://certs.godaddy.com/anonymous/repository.pki

Question 2

您可以openssl使用x509子命令：

openssl x509 -subject -issuer -noout -in cert.pem

并检查输出。应该是不言自明的。

一个例子：

$ openssl x509 -noout -issuer -subject -in gd-class2-root.crt
issuer= /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
subject= /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority

$ openssl x509 -noout -issuer -subject -in gd_intermediate.crt
issuer= /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
subject= /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287

您还可以验证信任链：

$ openssl verify -CAfile gd-class2-root.crt gd_intermediate.crt
gd_intermediate.crt: OK

Answer

您可以openssl使用x509子命令：

openssl x509 -subject -issuer -noout -in cert.pem

并检查输出。应该是不言自明的。

一个例子：

$ openssl x509 -noout -issuer -subject -in gd-class2-root.crt
issuer= /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
subject= /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority

$ openssl x509 -noout -issuer -subject -in gd_intermediate.crt
issuer= /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
subject= /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287

您还可以验证信任链：

$ openssl verify -CAfile gd-class2-root.crt gd_intermediate.crt
gd_intermediate.crt: OK

辨别 GoDaddy SSL 证书类型

答案1

答案2

相关内容